package com.efe.ms.esservice.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
/***
 * 	停用security权限模块
 * @author hhx
 * @date 2020-11-03 10:55:47
 *
 */
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
	@Override
	protected void configure(HttpSecurity http) throws Exception {
		// 关闭 CSRF保护 开发post请求
		//Spring Security，那么 CSRF 保护默认是开启的，那么在 POST 方式提交表单的时候就必须验证 Token，如果没有，那么自然也就是 403 没权限了
		http.csrf().disable();
		//关闭身份验证
		http.authorizeRequests().anyRequest().permitAll().and().logout().permitAll();
	}
}